<?php
class Server {
  public static function reset($orm, $sys, $inst, $is_iframe) {
    $req = json_decode(Utils::get_param('req', '[]'));
    
    $opts = new stdClass();
    $opts->cd = 't.reset_key = :v1';
    $opts->cdv = array(':v1' => $req->__key);
    $rslt = $orm->get('pb_ht_customer', NULL, NULL, NULL, NULL, $opts)->d;
    if (count($rslt) == 0) {
      echo '用户不存在';
      return;
    }
    
    if (strlen($req->pass) < 6 || strlen($req->pass) > 16) {
      echo '密码必须6-16位';
      return;
    }
    if ($req->pass != $req->retype) {
      echo '密码不一致';
      return;
    }
    
    $rslt[0]->password = md5($rslt[0]->salt . $req->pass);
    $rslt[0]->reset_key = '';
    $rslt[0]->reset_exp = '0000-00-00 00:00:00';
    $orm->update('pb_ht_customer', $rslt[0]);
    
    unset($rslt[0]->password);
    $_SESSION['user'] = json_encode($rslt[0]);
  }
}
?>